server: fixes for the implicit and hybrid flow

Accept the following response_type for the implicit flow:

    id_token
    token id_token

And the following for the hybrid flow:

    code id_token
    code token
    code token id_token

This corrects the previous behavior of the implicit flow, which
only accepted "token" (now correctly rejected).
Eric Chiang
2017-01-09 10:46:16 -08:00
parent ec9d1607b2
commit f926d74157
6 changed files with 318 additions and 62 deletions


@@ -130,6 +130,7 @@ func (k keyRotater) rotate() error {
// Remove expired verification keys.
i := 0
for _, key := range keys.VerificationKeys {
if !key.Expiry.After(tNow) {
keys.VerificationKeys[i] = key